Visit to Vietnam (VNCERT and AIS)
xin chào! (“Hello” in Vietnamese)
This is Katsuhiro Mori from Cyber Metrics Line, Global Coordination Division. I would like to report about my visit to Hanoi, Vietnam in December 2018.
Visiting CSIRTs in the world
After the previous trip to Tunisia, I had a chance to visit Authority of Internet Security (AIS) which operates under the Ministry of Information and Communications, and VNCERT on 13 December 2018. As I mentioned in my last blog post, we are making efforts to strengthen the trust relationship among CERTs by meeting face-to-face.
AIS(Authority of Information Security)
- Formulate laws, policies and other legislative documents related to information security;
- Implement technical and procedural measures, including critical information infrastructure protection and building national-wide infrastructure to protect cyberspace in Vietnam;
- Guide and support governmental agencies and other organizations to enhance and protect their information systems from information security risks;
- Give out early warning in information security;
- Ordinate activities on preventing SPAM in Vietnam;
- Monitor and inspect the protection activities on Information security;
- Evaluate the level in term of Information security level in organizations and critical information infrastructure.
- Raise awareness, improving capacity and cooperate with international organizations in information security area.
AIS conducts the following activities (quoted from AIS website):
Some AIS members visited JPCERT/CC office in August 2018, and we had a meeting to exchange information about each other’s activity.
If you look up Vietnam's Mejiro index, you may notice that their score in SSDP ((Simple Service Discovery Protocol) is quite low. This means that there are a small number of internet-reachable devices running on SSDP protocol in Vietnam. We asked AIS about measures that local ISP and hosting providers have taken for this item.
|Vietnam's Mejiro index|
VNCERT(VietNam Computer Emergency Responce Team)
VNCERT is located in the same building that AIS sits in. Besides the Hanoi main office, they have other branches in Ho Chi Minh City and Danang. VNCERT’s activities are listed as follows: (quoted from VNCERT's website)
- Coordinate of computer incident response activities in nationwide;
- Provide timely warnings of computer network security issues;
- Coordinate the development of standards and technical regulations on computer network safety;
- Encourage the formation of CERT systems in agencies, organizations and enterprises;
- Operate as a contact point with the foreign computer rescue organizations (CERTs).
VNCERT is an Operational Member of APCERT, in which JPCERT/CC serves as Secretariat and a Steering Committee member.
usual contact person may move to another department or leave the organisation, which may disrupt the communication suddenly. CSIRT personnel may also change due to organisational restructure. Given the situation, it is important to keep the contact information up to date. We hope to continue building strong relationship through face-to-face communication. xin cảm ơn (“Thanks” in Vietnamese) for reading. (Translated by Yukako Uchida)